BSD Commit Log Search

   doc/TODO: firefox115 is no more

   doc: note removal of firefox115

   firefox115: remove package

   As proposed on pkgsrc-users. No objections or known users that can't
   move to a newer ESR (this version having just gone EOL).

   MaybeSubMake: ignore line beining with any of [@+-]

   The control chars [@+-] can be interspersed with white-space
   so use [ \t@+-]

   PR: 60016
   Reviewed by:

   cad/occt: Fix whitespace pionted out by pkglint

   doc: Updated net/mosquitto to 2.1.2

   net/mosquitto: Update to 2.1.2

   2.1.2 - 2026-02-09
   ==================

   Broker:
   - Forbid running with `persistence true` and with a persistence plugin at the
     same time.

   Build:
   - Build fixes for OpenBSD. Closes #3474.
   - Add missing libedit to docker builds. Closes #3476.
   - Fix static/shared linking of libwebsockets under cmake.

   doc: Updated security/py-trezor to 0.20.0

   Update security/py-trezor to 0.20.0

   ## [0.20.0] (2026-02-10)
   [0.20.0]: https://github.com/trezor/trezor-firmware/compare/python/v0.20.0-dev0...python/v0.20.0

   Version 0.20.0 introduces a set of **major breaking API changes**. All user code must be upgraded.

   As announced, the API has changed significantly since the pre-release version 0.20.0-dev.

   ### Incompatible changes
   - Refactor trezorlib session-based API.  [#6273]

   ### Added
   - Use keyring package for storing THP keys and credentials.  [#6273]

   ### Removed
   - Deprecate uploading language blob during firmware update.  [#6103]
   - debuglink: Remove vestigial memory_write/read/erase methods.  [#6273]
   - Deprecated `@expect` decorator was removed.  [#6273]

    [86 lines not shown]

   doc: Added security/py-slip10 version 1.1.0

   Add security/py-slip10

   This is a new dependency for security/py-trezor.

   doc: Added security/py-shamir_mnemonic version 0.3.0

   Add security/py-shamir_mnemonic

   This is a new dependency for security/py-trezor.

   doc: Added security/py-noiseprotocol version 0.3.1

   Add security/py-noiseprotocol

   This is a new dependency for security/py-trezor.

   Cosmetic, use __func__.

   skip command flags before trying to look for the word "make".

bind920: update to BIND version 9.20.20:

Pkgsrc changes:
 * Version bump + checksums.

Upstream changes:

Notes for BIND 9.20.20
----------------------

Security Fixes
~~~~~~~~~~~~~~

- Fix a use-after-free error in ``dns_client_resolve()`` triggered by a
  DNAME response.

  This issue only affected the :iscman:`delv` tool and it has now been
  fixed.


    [75 lines not shown]

   Add test case for sockets and fifos through null mounts.

   I would also add a test case of sending and receiving a datagram, but
   nc(1) doesn't seem to have a way to send or receive _one_ datagram;
   as far as I can tell, it just loops forever on datagram sockets, with
   no stopping point because there's no concept of FIN/shutdown().

   PR kern/51963: sockets in chroot sandbox via null-mounts don't work

   #7054

   Pullup ticket #7045 - requested by gutteridge
   www/firefox140: security fix
   www/firefox140-l10n: dependent update

   Revisions pulled up:
   - www/firefox140-l10n/Makefile                                  1.6
   - www/firefox140-l10n/distinfo                                  1.6
   - www/firefox140/Makefile                                       1.11
   - www/firefox140/distinfo                                       1.10

   ---
      Module Name:    pkgsrc
      Committed By:   gutteridge
      Date:           Tue Feb 24 14:07:55 UTC 2026

      Modified Files:
              pkgsrc/www/firefox140: Makefile distinfo

      Log Message:

    [438 lines not shown]

Reset maintainership

   musescore: work around a build issue with GCC < 10

   update of vim

   Security update to patchset 9.2.0077.

   Changes:
   - patch 9.2.0077: [security]: Crash when recovering a corrupted swap file
   - patch 9.2.0076: [security]: buffer-overflow in terminal handling
   - patch 9.2.0075: [security]: Buffer underflow with emacs tag file
   - patch 9.2.0074: [security]: Crash with overlong emacs tag file
   - patch 9.2.0073: [security]: possible command injection using netrw
   - patch 9.2.0072: inside_block() uses wrong index in loop
   - patch 9.2.0071: Vim9: lambda function deleted on re-sourcing
   - patch 9.2.0070: tests: various tests leave swapfiles around
   - runtime(env): add ftplugin for env filetype
   - patch 9.2.0069: highlight: incorrect string length and redundant code
   - patch 9.2.0068: Inefficient use of list_append_string()
   - patch 9.2.0067: memory leak in dict_extend_func()
   - patch 9.2.0066: memory leak in build_drop_cmd()
   - patch 9.2.0065: memory leak in invoke_sync_listeners()
   - patch 9.2.0064: popup: opacity feature causes flickering
   - patch 9.2.0063: memory leak in type_name_list_or_dict()

    [69 lines not shown]

   PR/60035: Matthias Petermann: CTLFLAG_PRIVATE can be bypassed for sysctl nodes
   with custom handlers in sysctl_dispatch()

   lang/ocaml; Update to 4.14.3

   Addresses some security issues but NEWS lacks CVE refs.

   Successfully built 10 ocaml-foo and unison, on NetBSD 10 amd64.


   OCaml 4.14.3 (17 February 2026)
   ------------------------------

   ### Bug fixes:

   - #12070, #12075, #13209: auto-detect whether `ar` support @FILE arguments at
     configure-time to avoid using this feature with toolchains that do not support
     it (eg FreeBSD/Darwin); backport from 5.3.
     (backport by Boris Dobroslavov, original fix by Nicolás Ojeda Bär, review by
     Xavier Leroy, David Allsopp, Javier Chávarri, Anil Madhavapeddy)

   - #12207, #12222: Make closure computation linear in the number of recursive

    [28 lines not shown]

   doc: Updated lang/ocaml to 4.14.3

   doc: Updated net/yt-dlp-ejs to 0.5.0

   yt-dlp-ejs: update to 0.5.0

   - Dev and runtime improvements
   - fix: sig extraction in main variant of player
   - Fix sig solving for tce and es6 player variants